What we know at this point that someone was able to obtain unauthorized
access to the phpmyadmin utility. We do not exactly how they obtained
access; it was either by compromising an admins credentials, or by
exploiting an unpatched vulnerability in phpmyadmin.